<?php
	session_start();

	echo($_POST['username']);
	echo($_POST['password']);

	require '../extras/dbConnect.php';

	$query = "SELECT * FROM accounts_active";
	$result = mysql_query($query, $connection) or die("Error in query: $query." . mysql_error($connection));
	$rows = mysql_num_rows($result); // get the number of rows in the resultset
	$checker = 1;
	
	if ($rows > 0){
	
		for ($i=0; $i<$rows; $i++){
			$row = mysql_fetch_object($result);

			if ( ($_POST['username'] == $row->username) and (md5($_POST['password']) == $row->password)){
				$_SESSION['user'] = $row->username;
				$goto = 1;
			}
		}
		
		if (isset($goto)) {
			header('Location:../encoder.php'); 
		}
		else {
			$_SESSION['loginError'] = 1;
			header('Location:../index.php');
		}
	}
	mysql_close($connection);

?>
